Cisco 400-007 Exam With Confidence Using Practice Dumps

—

Let’s calculate total 1-year cost for each option using the provided table:

DWDM over dark fiber:

CAPEX = $250,000

OPEX (1 year) = $100,000

Installation fee = $30,000

Total = $250,000 + $100,000 + $30,000 = $380,000

CWDM over dark fiber:

CAPEX = $150,000

OPEX (1 year) = $100,000

Installation fee = $25,000

Total = $150,000 + $100,000 + $25,000 = $275,000

MPLS wires only:

CAPEX = $50,000

OPEX (1 year) = $80,000

Installation fee = $5,000

Total = $50,000 + $80,000 + $5,000 = $135,000

BUT: MPLS does not allow customer-controlled QoS policies as stated in the requirement (cannot run its own varying QoS profiles without SP interaction). Therefore disqualified.

Metro Ethernet:

CAPEX = $45,000

OPEX (1 year) = $100,000

Installation fee = $5,000

Total = $45,000 + $100,000 + $5,000 = $150,000

BUT: Metro Ethernet is also typically a service provider-managed solution where customer-controlled QoS is usually limited depending on SP capabilities. May not fully meet the requirement.

—

The key technical requirement:

“Be able to run its own varying QoS profiles without service provider interaction.”

This clearly favors dark fiber solutions (CWDM and DWDM), as these give full Layer 1 control to the customer, allowing complete freedom in managing QoS, traffic engineering, and prioritization internally.

Among the two dark fiber options, CWDM over dark fiber is the most cost-effective choice for one year at $275,000.

—

Therefore, final correct answer:

A (Confidentiality): Protects information from unauthorized access.

D (Availability): Ensures resources are accessible when needed.

E (Integrity): Ensures data is not tampered with or altered improperly.

These three form the core of information security design principles known as the CIA triad (Confidentiality, Integrity, Availability), directly referenced in CCDE v3.1 security design sections.

Why other options are incorrect:

B, C, F: While important for network design, they are not part of the core security protection objectives.

—

STP Bridge Assuranceis a mechanism used to protect againstunidirectional link failureson point-to-point STP connections in environments likeRapid PVST+ and MST. When Bridge Assurance is enabled, BPDUs are expected on all BPDUs-capable interfaces. If a switch stops receiving BPDUs on a point-to-point link where Bridge Assurance is enabled, it assumes the link has failed and transitions the port to blocking to prevent a loop.

This is especially useful in high-availability enterprise designs that require protection from unexpected switch behavior or partial link failures.

Why other options are incorrect:

A. BPDU Guard: Protects access ports by placing them in an err-disabled state if BPDUs are received—useful at the edge, not for core loop protection.

C. MSTP: Refers to the protocol itself but does not solve the unidirectional link issue on its own.

D. TRILL: A different architecture (layer 2 routing) and not applicable to Rapid PVST+ or MST-specific protection.